\chapter{General Description}\label{ch:description}

%\section
%\subsection
%\subsubsection
%\paragraph{Import à partir d'un fichier}
\section{Common Vulnerabilities and Exposure Database}

\begin{wrapfigure}{r}{45mm}
\centering
\includegraphics{img/tableau.png}
\caption{XSS vulnerabilities over time}
\label{tab}
\end{wrapfigure}

Identifying a vulnerability is a long process and maybe uite hasardous, therefore, databases of vulnerabilities have been set up. In order to keep track of vulnerabilities and allow developpers to be kept in touch of the security of their own software.
Moreover this kind of database allow us some statiscal analysis on the kind of attack and of the software affected.

On behalf of this table~\ref{tab}, we see that 2006 was the year of the xss exploits with nearly 20\% of the declared vulnerabilities) and that their utilization has been really intensive since 2002 to 2010. Nowadays, we can assume that a lot of security efforts have been made allowing this kind of attack to decrease and evolving like the others, meaning occasionnaly.

\section{\css vulnerabilities Description}

\begin{figure}
\centering
\includegraphics{img/http.png}
\caption{XSS vulnerabilities over time}
\label{http}
\end{figure}


\subsection{Non-Persistent}

In this kind of case, the \css attack is directly interpreted by the server ~\ref{http}. Most of the time, it's a call to a special file with argument passed through the GET HTTP request. This kind of attack aren't stored on the server, and the interpretation of the malicious code is directly inserted in the html final page received by the hacker. Anyway, this kind of attack can allow him to get access to file of the server's system such as /etc/passwd or intel about the server's machine(/proc/cpuinfo). We will see a typical exemple in the chapter \ref{ch:mantis} with the mantis framework.

\subsection{Persistent}

This one has way more devastating power since the malicious code will be stored on the server and potentially displayed to any other users asking for it. This kind of attack typically affect social network, guestbooks, \ldots

This exploit is more complex to establish since it must go through 2 analysis : the server's one and then the browser's. 
In order to understand it better, we'll study the MySpace worm in the chapter \ref{ch:samy}.
